要求除了 RSS 提要之外的 Wordpress 博客的 httpauth 用户名和密码
Posted
技术标签:
【中文标题】要求除了 RSS 提要之外的 Wordpress 博客的 httpauth 用户名和密码【英文标题】:Requiring httpauth username and password for Wordpress blog except RSS feed 【发布时间】:2014-06-28 01:43:06 【问题描述】:我正在尝试使用 httpauth 保护我的 wordpress 博客,但 RSS 提要除外。这在 apache 2.2 中对我有用,但我无法在 apache 2.4 中使用。
我的博客目录中有一个 .htaccess 文件,如下所示:
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /blog/
RewriteCond %REQUEST_FILENAME !-f
RewriteCond %REQUEST_FILENAME !-d
RewriteRule . /blog/index.php [L]
</IfModule>
# END WordPress
AuthUserFile .htpasswd
AuthGroupFile /dev/null
AuthName blog
AuthType Basic
SetEnvIf Request_URI ^.*/feed/$ allow_access
<RequireAny>
Require env allow_access
Require expr %REQUEST_URI =~ m#^.*/feed/$#
Require ip 127.0.0.1
Require valid-user
</RequireAny>
这确实要求我输入密码,这是应该的,但即使在以 /feed/ 结尾的 URI 上,它仍然要求输入密码,它不应该这样做。
我的理解是 RequireAny 块中的前两行中的任何一行都应该满足 RequireAny,因此不要求输入密码。
在 apache 2.2 中,这对我有用,与
allow from env=allow_access
我做错了什么?是否有其他或更好的方法来做到这一点?
更新:我为 mod_rewrite 和 mod_authz 添加了额外的日志记录。这给了我以下信息:
[Sat May 10 16:31:32.590983 2014] [authz_core:debug] [pid 23422] mod_authz_core.c(802): [client 192.168.1.2:41194] AH01626: authorization result of Require env allow_access: granted
[Sat May 10 16:31:32.591570 2014] [authz_core:debug] [pid 23422] mod_authz_core.c(802): [client 192.168.1.2:41194] AH01626: authorization result of <RequireAny>: granted
[Sat May 10 16:31:32.591694 2014] [rewrite:trace3] [pid 23422] mod_rewrite.c(475): [client 192.168.1.2:41194] 192.168.1.2 - - [www.example.com/sid#7fdd2871f880][rid#7fdd28c5f250/initial] [perdir /var/www/html/www.example.com/blog/] add path info postfix: /var/www/html/www.example.com/blog/feed -> /var/www/html/www.example.com/blog/feed/
[Sat May 10 16:31:32.591731 2014] [rewrite:trace3] [pid 23422] mod_rewrite.c(475): [client 192.168.1.2:41194] 192.168.1.2 - - [www.example.com/sid#7fdd2871f880][rid#7fdd28c5f250/initial] [perdir /var/www/html/www.example.com/blog/] strip per-dir prefix: /var/www/html/www.example.com/blog/feed/ -> feed/
[Sat May 10 16:31:32.591754 2014] [rewrite:trace3] [pid 23422] mod_rewrite.c(475): [client 192.168.1.2:41194] 192.168.1.2 - - [www.example.com/sid#7fdd2871f880][rid#7fdd28c5f250/initial] [perdir /var/www/html/www.example.com/blog/] applying pattern '.' to uri 'feed/'
[Sat May 10 16:31:32.591813 2014] [rewrite:trace2] [pid 23422] mod_rewrite.c(475): [client 192.168.1.2:41194] 192.168.1.2 - - [www.example.com/sid#7fdd2871f880][rid#7fdd28c5f250/initial] [perdir /var/www/html/www.example.com/blog/] rewrite 'feed/' -> '/blog/index.php'
[Sat May 10 16:31:32.591843 2014] [rewrite:trace2] [pid 23422] mod_rewrite.c(475): [client 192.168.1.2:41194] 192.168.1.2 - - [www.example.com/sid#7fdd2871f880][rid#7fdd28c5f250/initial] [perdir /var/www/html/www.example.com/blog/] trying to replace prefix /var/www/html/www.example.com/blog/ with /blog/
[Sat May 10 16:31:32.591866 2014] [rewrite:trace1] [pid 23422] mod_rewrite.c(475): [client 192.168.1.2:41194] 192.168.1.2 - - [www.example.com/sid#7fdd2871f880][rid#7fdd28c5f250/initial] [perdir /var/www/html/www.example.com/blog/] internal redirect with /blog/index.php [INTERNAL REDIRECT]
[Sat May 10 16:31:32.592086 2014] [authz_core:debug] [pid 23422] mod_authz_core.c(802): [client 192.168.1.2:41194] AH01626: authorization result of Require env allow_access: denied
[Sat May 10 16:31:32.592122 2014] [authz_core:debug] [pid 23422] mod_authz_core.c(802): [client 192.168.1.2:41194] AH01626: authorization result of Require expr %REQUEST_URI =~ m#^.*/feed/$#: denied
[Sat May 10 16:31:32.592141 2014] [authz_core:debug] [pid 23422] mod_authz_core.c(802): [client 192.168.1.2:41194] AH01626: authorization result of Require ip 127.0.0.1: denied
[Sat May 10 16:31:32.592158 2014] [authz_core:debug] [pid 23422] mod_authz_core.c(802): [client 192.168.1.2:41194] AH01626: authorization result of Require valid-user : denied (no authenticated user yet)
[Sat May 10 16:31:32.592175 2014] [authz_core:debug] [pid 23422] mod_authz_core.c(802): [client 192.168.1.2:41194] AH01626: authorization result of <RequireAny>: denied (no authenticated user yet)
所以授权检查两次;重写之前和之后。问题是,rewrite 后 request_uri 显然不一样了。欢迎提出建议。
【问题讨论】:
【参考方案1】:我终于在这个Stack Exchange question找到了答案
使用url重写时,环境变量保存为REDIRECT_variable_name。
所以添加一行
Require env REDIRECT_allow_access
<RequireAny>
块内为我解决了问题。
【讨论】:
以上是关于要求除了 RSS 提要之外的 Wordpress 博客的 httpauth 用户名和密码的主要内容,如果未能解决你的问题,请参考以下文章
RSS 提要未在我的 Wordpress 提要中的 Mailchimp 时事通讯中显示图像
有两个用于 WordPress 的 RSS Feed URL